UNCLASSIFIED - NO CUI

Skip to content

Update dependency redis/redis to v6.2.11

renovate requested to merge renovate/redis-redis-6.2.x into development

This MR contains the following updates:

Package Type Update Change
redis/redis ironbank-github patch 6.2.10 -> 6.2.11
redis/redis patch 6.2.10 -> 6.2.11

Release Notes

redis/redis

v6.2.11

Compare Source

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:

  • (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process.
  • (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time.

Bug Fixes

  • Fix a crash when reaching the maximum invalidations limit of client-side tracking (#​11814)
  • Fix cluster inbound link keepalive time (#​11785)
  • Make sure that fork child doesn't do incremental rehashing (#​11692)

Performance and resource utilization improvements

  • Avoid realloc to reduce size of strings when it is unneeded (#​11766)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports

UNCLASSIFIED - NO CUI